Timeout problems
Scott Battaglia
scott.battaglia at gmail.com
Thu May 8 21:58:52 EDT 2008
If you want to control the Single Sign On Session you need to modify the
granting ticket expiration policy. The Tomcat sessions have nothing to do
with your SSO session.
-Scott
On Thu, May 8, 2008 at 9:47 PM, tedzo <tedzo2003 at yahoo.com> wrote:
> I am really confused about session timeouts. I see the following 4
> variables that are configurable-
>
> 1. In ApplicationContext.xml, the second argument for
> "serviceTicketExpirationPolicy" Bean
> 2. In the same file, the first (and only) argument for
> "grantingTicketExpirationPolicy" Bean
> 3. In web.xml for CAS webapp, the "session-timeout" entry
> 4. In tomcat's web.xml (under /conf), the "<session-config>
> <session-timeout>...." entry
>
> I assumed just setting #3 above would control the timeout. That doesn't
> seem like it. So, I have been trying combinations and the one that worked is
> setting #2 AND #4 to the same value. Is that right or am I missing something
> here? I am using 3.06 server.
>
> Also, by session timeout, I mean- I login and keep working. I walk away for
> 30 minutes (say) after I make my last request, I come back and try to access
> some CAS protected page. I should be asked to login again.
>
> Your thoughts are appreciated.
>
> Thanks.
>
> ------------------------------
> Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it
> now.<http://us.rd.yahoo.com/evt=51733/*http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
--
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080508/a303fcf6/attachment.html
More information about the cas
mailing list